Advisories » MGASA-2024-0196

Updated chromium-browser-stable packages fix security vulnerabilities

Publication date: 27 May 2024
Modification date: 27 May 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-5274

Description

The chromium-browser-stable package has been updated to the
125.0.6422.112 release. It includes 1 security fix.
* High CVE-2024-5274: Type Confusion in V8. Reported by Clément Lecigne
of Google's Threat Analysis Group and Brendon Tiszka of Chrome Security
on 2024-05-20
Google is aware that an exploit for CVE-2024-5274 exists in the wild.
Please, do note, that since some versions ago, only x86_64 is supported.
i586 support for linux was stopped some years ago and the community is
not able to provide patches anymore for the latest Chromium code.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33240
• https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5274

SRPMS

9/tainted

• chromium-browser-stable-125.0.6422.112-1.mga9.tainted